OTL logfile created on: 1/29/2014 1:33:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.68% Memory free
6.00 Gb Paging File | 4.79 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.83 Gb Total Space | 147.62 Gb Free Space | 66.85% Space Free | Partition Type: NTFS
Drive D: | 11.96 Gb Total Space | 5.13 Gb Free Space | 42.94% Space Free | Partition Type: NTFS
Drive G: | 960.81 Mb Total Space | 952.93 Mb Free Space | 99.18% Space Free | Partition Type: FAT32
Computer Name: JASON-PC2 | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/23 16:11:07 | 000,739,608 | ---- | M] () -- C:\Users\Jason\Downloads\AA_v3.exe
PRC - [2014/01/19 15:27:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2013/08/09 19:02:12 | 001,678,040 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupportService.exe
PRC - [2013/05/16 09:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/05/16 09:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 09:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/15 12:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/22 19:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/11/03 16:41:16 | 000,329,072 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
PRC - [2011/11/03 15:47:36 | 000,243,056 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
PRC - [2011/08/04 12:37:56 | 000,140,656 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Rogers\Rogers Connection Manager\WaHelper.exe
PRC - [2011/06/16 13:40:20 | 000,167,280 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/28 14:26:44 | 001,196,032 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe
PRC - [2010/10/28 14:21:56 | 000,331,776 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe
PRC - [2010/06/10 12:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/03/08 23:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 19:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2009/07/13 18:14:17 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dinotify.exe
PRC - [2009/06/25 21:48:44 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/06/25 21:48:16 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2009/05/05 15:06:02 | 001,152,288 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/16 09:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2013/05/16 09:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 09:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/04/21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/11/03 16:39:14 | 000,251,248 | ---- | M] () -- C:\Program Files\Sierra Wireless Inc\WebUpdater\WebUpdtAPI.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/12/11 02:08:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/09 19:02:12 | 001,678,040 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\System32\BtwRSupportService.exe -- (BcmBtRSupport)
SRV - [2013/07/19 19:46:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/11/03 15:47:36 | 000,243,056 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe -- (SwiCardDetectSvc)
SRV - [2011/06/16 13:40:20 | 000,167,280 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe -- (IERA)
SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/07/13 18:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/06/25 21:48:16 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/04/29 02:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SWUMX20)
DRV - [2013/08/09 19:02:12 | 000,174,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcbtums.sys -- (bcbtums)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/23 07:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 07:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/08/23 07:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/05/28 11:45:08 | 000,237,568 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2011/05/16 11:44:17 | 000,083,968 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swiwdmbx.sys -- (swiwdmbx)
DRV - [2011/05/13 13:53:00 | 000,215,552 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swg3kser00.sys -- (swg3kser00)
DRV - [2010/11/20 14:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 14:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 14:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 14:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 14:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/01/26 19:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/11/02 20:06:12 | 000,011,520 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV - [2009/11/02 20:06:11 | 000,071,424 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIb.sys -- (BrSerIb)
DRV - [2009/07/13 15:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/06/25 22:23:46 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/04/29 02:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2007/10/30 11:41:44 | 000,704,000 | ---- | M] (Keyspan) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USA19H2k.sys -- (USA19H)
DRV - [2007/05/29 15:32:56 | 000,024,192 | ---- | M] (Keyspan) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USA19H2kp.sys -- (USA19H2KP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {B24864FB-99FC-4028-89CF-186CD37D2CF7}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\..\SearchScopes,DefaultScope = {B24864FB-99FC-4028-89CF-186CD37D2CF7}
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\..\SearchScopes\{8B665307-47CE-44A5-88B3-67D7B300AD97}: "URL" = http://search.condui...3285981338&UM=2
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\..\SearchScopes\{B24864FB-99FC-4028-89CF-186CD37D2CF7}: "URL" = http://search.condui...3637483189&UM=2
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1489219213-3380654759-245415699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Torntv V6.0 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmilhmcinpmpohfoiccaplbhgelbnim\1.26.48_0\crossrider
CHR - Extension: Torntv V6.0 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmilhmcinpmpohfoiccaplbhgelbnim\1.26.48_0\
CHR - Extension: Google Docs = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: FVD Downloader = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.6.6_0\
CHR - Extension: FVD Downloader = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.6.6_0\modules\clickberry\_
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/01/12 00:42:35 | 000,450,639 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15467 more lines...
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
O4 - HKLM..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe (Vitzo)
O4 - HKLM..\Run: [WatcherHelper] C:\Program files\Rogers\Rogers Connection Manager\WaHelper.exe (Sierra Wireless Inc.)
O4 - HKU\S-1-5-21-1489219213-3380654759-245415699-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1489219213-3380654759-245415699-1000..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
O4 - HKU\S-1-5-21-1489219213-3380654759-245415699-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [123_16278002084663] C:\Users\Jason\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp_r.bat ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{193DFE1A-DF8D-4F13-946A-02E995EE8D15}: NameServer = 64.71.255.254 64.71.255.253
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/01 11:52:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{1866b84e-19db-11e3-9cca-001f3bab84fb}\Shell - "" = AutoRun
O33 - MountPoints2\{1866b84e-19db-11e3-9cca-001f3bab84fb}\Shell\AutoRun\command - "" = I:\HPLauncher.exe
O33 - MountPoints2\{5d181d86-1505-11e3-9561-001fe1fe84f7}\Shell - "" = AutoRun
O33 - MountPoints2\{5d181d86-1505-11e3-9561-001fe1fe84f7}\Shell\AutoRun\command - "" = G:\WIN\setup.exe -ap
O33 - MountPoints2\{a70fe50e-6e70-11e3-a3cf-001f3bab84fb}\Shell - "" = AutoRun
O33 - MountPoints2\{a70fe50e-6e70-11e3-a3cf-001f3bab84fb}\Shell\AutoRun\command - "" = G:\WIN\setup.exe -ap
O33 - MountPoints2\{d2b1e541-2a9e-11e3-b64d-001f3bab84fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d2b1e541-2a9e-11e3-b64d-001f3bab84fb}\Shell\AutoRun\command - "" = I:\HPLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/23 16:18:43 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\LogMeIn Rescue Applet
[2014/01/23 16:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AMMYY
[2014/01/19 12:21:44 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Sony Vaio PCG-C1X
[2014/01/14 12:03:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Otafest 2009
[2014/01/10 14:26:45 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\3D printer
[2014/01/08 00:29:38 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\67 Mustang
[2014/01/06 12:18:53 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Volt
[2014/01/06 11:16:18 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\vw xl1
[2014/01/06 11:01:59 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Audi
[2014/01/06 10:51:14 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Road Warrior
[2014/01/05 17:03:02 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\EPS Patrol Cars
[2014/01/05 16:33:49 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\line art cars
[2014/01/05 16:11:10 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Dark Star Games
[2014/01/05 16:07:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\crown Vicy
[2014/01/05 15:39:22 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Chev
[2014/01/03 20:46:45 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Ford customs
[2014/01/03 20:44:26 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Old Hwy trucks
[2014/01/03 20:20:18 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Knott's Berry Farm
========== Files - Modified Within 30 Days ==========
[2014/01/29 01:36:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
[2014/01/29 01:31:50 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/29 01:31:18 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/29 01:31:16 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/29 01:31:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/23 13:10:43 | 000,021,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/23 13:10:43 | 000,021,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/23 13:09:12 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/23 13:09:12 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/23 13:03:13 | 2414,682,112 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/14 10:41:51 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2014/01/14 10:41:50 | 000,000,088 | RHS- | M] () -- C:\ProgramData\BC0189C886.sys
[2014/01/12 00:42:35 | 000,450,639 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/01/12 00:42:09 | 000,450,639 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20140112-004235.backup
[2014/01/12 00:41:46 | 000,450,639 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20140112-004209.backup
========== Files Created - No Company Name ==========
[2014/01/14 11:57:14 | 004,844,544 | ---- | C] () -- C:\Users\Jason\Documents\Sleepwalk-1.pps
[2014/01/14 11:57:14 | 002,831,872 | ---- | C] () -- C:\Users\Jason\Documents\OldAmerica.pps
[2013/12/26 12:47:55 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013/12/18 11:03:38 | 000,000,218 | ---- | C] () -- C:\Users\Jason\AppData\Local\recently-used.xbel
[2013/10/19 08:22:31 | 000,011,600 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2013/10/05 13:33:41 | 000,054,552 | ---- | C] () -- C:\Windows\System32\k19hinst.dll
[2013/10/01 08:11:40 | 000,008,791 | ---- | C] () -- C:\Windows\wininit.ini
[2013/09/07 07:03:56 | 000,000,248 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/09/07 07:03:56 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/09/07 07:00:30 | 000,002,944 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2013/09/07 06:59:41 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2013/09/07 06:59:41 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013/09/07 06:59:35 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2013/09/07 06:59:30 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2013/07/20 01:06:17 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2013/07/20 01:06:17 | 000,000,088 | RHS- | C] () -- C:\ProgramData\BC0189C886.sys
[2013/07/19 20:27:15 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/07/19 20:27:15 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/07/19 20:27:15 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/07/19 18:55:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/09/01 11:56:31 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Autodesk
[2013/12/07 09:29:25 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Bitstream
[2013/09/07 07:17:03 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ControlCenter4
[2013/12/18 10:58:39 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ImgBurn
[2013/09/05 02:11:40 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\inkscape
[2013/10/05 13:33:46 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Leadertech
[2013/09/09 06:25:28 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nuance
[2013/09/03 19:14:16 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Sierra Wireless
[2013/07/19 23:32:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SumatraPDF
[2013/07/19 23:31:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TeraCopy
[2013/12/26 12:49:55 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\uTorrent
[2013/12/26 12:48:15 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\VDownloader
[2013/09/09 06:25:32 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Zeon
[2013/10/07 06:54:39 | 000,000,000 | ---D | M] -- C:\Users\JJAM\AppData\Roaming\ControlCenter4
[2013/10/07 23:20:17 | 000,000,000 | ---D | M] -- C:\Users\JJAM\AppData\Roaming\Sierra Wireless
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 1/29/2014 1:33:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.68% Memory free
6.00 Gb Paging File | 4.79 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.83 Gb Total Space | 147.62 Gb Free Space | 66.85% Space Free | Partition Type: NTFS
Drive D: | 11.96 Gb Total Space | 5.13 Gb Free Space | 42.94% Space Free | Partition Type: NTFS
Drive G: | 960.81 Mb Total Space | 952.93 Mb Free Space | 99.18% Space Free | Partition Type: FAT32
Computer Name: JASON-PC2 | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1489219213-3380654759-245415699-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program files\Rogers\Rogers Connection Manager\TRUUpdater.exe" = C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
"C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMuxX.exe" = C:\Program Files\Sierra Wireless Inc\WebUpdater\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX
"C:\Program files\Rogers\Rogers Connection Manager\SwiApiMuxX.exe" = C:\Program files\Rogers\Rogers Connection Manager\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6DF763DC-7132-43A1-A36C-75F654DD1C3B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F0753F-ED10-40C0-8CC9-C0BC32D5DA24}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{03BB923A-67B5-4755-93B9-74D8AD775D85}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2B158424-1C6A-4C71-BD0D-3784A767D728}" = protocol=17 | dir=in | app=c:\users\jason\appdata\roaming\utorrent\utorrent.exe |
"{32E0616C-2FED-4DEF-A79E-827A338CD45B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{33D53D72-DB29-43F9-AD71-638C85E0E460}" = protocol=6 | dir=in | app=c:\users\jason\appdata\roaming\utorrent\utorrent.exe |
"{44DD0572-B240-4731-9C0C-5B0B95F2C93F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{56A25997-F987-4843-8D62-566001B069AE}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{6AE1052A-F482-438E-AD34-E6235A90693F}" = dir=out | app=%programfiles%\corel\coreldraw graphics suite x4\programs\coreldrw.exe |
"{79069B45-390B-467C-8979-F74930289FCA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8856CF6B-C0DB-403D-B472-29F076C9E34F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9CCDE00D-AC49-4803-BC27-933BA3AC9ACA}" = dir=out | app=%programfiles%\corel\coreldraw graphics suite x4\programs\corelpp.exe |
"{A1DBFA41-64F7-404B-8B35-35D824DC2773}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{F5988DCE-32BF-4F60-AD25-70E9AB985FB1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}" = Brother MFL-Pro Suite MFC-J6910DW
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2E97DE76-851A-48AA-A0D6-665860FAD9CA}" = Keyspan USB Serial Adapter
"{38764777-9FDB-35BC-A8DB-FA324E5EAC4A}" = Google Chrome
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1627
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C295E308-5238-4157-962C-FDBF090ECC7E}" = Rogers Connection Manager
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core
"1ClickDownload" = TornTV
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GIMP-2_is1" = GIMP 2.8.6
"ImgBurn" = ImgBurn
"Inkscape" = Inkscape 0.48.4
"Kinnetic FX" = Kinnetic FX 1.14
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SumatraPDF" = SumatraPDF
"TeraCopy_is1" = TeraCopy 2.27
"VLC media player" = VLC media player 2.0.7
"WinPcapInst" = WinPcap 4.1.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1489219213-3380654759-245415699-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/11/2014 11:47:57 AM | Computer Name = Jason-PC2 | Source = WinMgmt | ID = 10
Description =
Error - 1/13/2014 2:19:04 PM | Computer Name = Jason-PC2 | Source = WinMgmt | ID = 10
Description =
Error - 1/15/2014 1:47:54 PM | Computer Name = Jason-PC2 | Source = WinMgmt | ID = 10
Description =
Error - 1/15/2014 4:07:25 PM | Computer Name = Jason-PC2 | Source = WinMgmt | ID = 10
Description =
Error - 1/15/2014 4:39:18 PM | Computer Name = Jason-PC2 | Source = WinMgmt | ID = 10
Description =
Error - 1/19/2014 12:58:53 PM | Computer Name = Jason-PC2 | Source = Application Error | ID = 1000
Description = Faulting application name: TRUUpdater.exe, version: 11.4.1111.0, time
stamp: 0x4eb334a7 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x428 Faulting application
start time: 0x01cf1232cbd0d038 Faulting application path: C:\Program Files\Sierra
Wireless Inc\WebUpdater\TRUUpdater.exe Faulting module path: unknown Report Id: f98f1f60-812a-11e3-9580-00a0d5ffffae
Error - 1/23/2014 4:03:31 PM | Computer Name = Jason-PC2 | Source = WinMgmt | ID = 10
Description =
Error - 1/23/2014 9:00:05 PM | Computer Name = Jason-PC2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/23/2014 9:00:05 PM | Computer Name = Jason-PC2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15600
Error - 1/23/2014 9:00:05 PM | Computer Name = Jason-PC2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15600
[ Spybot - Search and Destroy Events ]
Error - 12/26/2013 4:51:18 PM | Computer Name = Jason-PC2 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 12/29/2013 12:56:22 PM | Computer Name = Jason-PC2 | Source = Service Control Manager | ID = 7000
Description = The WinHTTP Web Proxy Auto-Discovery Service service failed to start
due to the following error: %%1053
Error - 12/29/2013 12:57:05 PM | Computer Name = Jason-PC2 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the WinHttpAutoProxySvc service.
Error - 12/29/2013 12:57:05 PM | Computer Name = Jason-PC2 | Source = Service Control Manager | ID = 7000
Description = The WinHTTP Web Proxy Auto-Discovery Service service failed to start
due to the following error: %%1053
Error - 12/29/2013 12:57:38 PM | Computer Name = Jason-PC2 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the WinHttpAutoProxySvc service.
Error - 12/29/2013 12:57:38 PM | Computer Name = Jason-PC2 | Source = Service Control Manager | ID = 7000
Description = The WinHTTP Web Proxy Auto-Discovery Service service failed to start
due to the following error: %%1053
Error - 1/7/2014 2:30:25 PM | Computer Name = Jason-PC2 | Source = DCOM | ID = 10010
Description =
Error - 1/8/2014 12:09:57 PM | Computer Name = Jason-PC2 | Source = DCOM | ID = 10010
Description =
Error - 1/10/2014 9:18:27 PM | Computer Name = Jason-PC2 | Source = DCOM | ID = 10010
Description =
Error - 1/15/2014 4:31:53 PM | Computer Name = Jason-PC2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk3\DR3.
Error - 1/15/2014 4:31:54 PM | Computer Name = Jason-PC2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk3\DR3.
< End of report >
# AdwCleaner v3.017 - Report created 29/01/2014 at 01:44:35
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Jason - JASON-PC2
# Running from : G:\AdwCleaner (1).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\Windows\System32\Tasks\MySearchDial
File Found : C:\Windows\Tasks\MySearchDial.job
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\KeyBar_1.8
Folder Found C:\Program Files\Mobogenie
Folder Found C:\Program Files\Searchprotect
Folder Found C:\Program Files\TornTV.com
Folder Found C:\Program Files\Vafmusic2
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Folder Found C:\Users\Jason\AppData\Local\genienext
Folder Found C:\Users\Jason\AppData\Local\Mobogenie
Folder Found C:\Users\Jason\AppData\LocalLow\Conduit
Folder Found C:\Users\Jason\AppData\LocalLow\KeyBar_1.8
Folder Found C:\Users\Jason\AppData\LocalLow\PriceGong
Folder Found C:\Users\Jason\AppData\LocalLow\Vafmusic2
Folder Found C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found C:\Users\Jason\Documents\Mobogenie
Folder Found C:\Users\JJAM\AppData\LocalLow\Vafmusic2
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\KeyBar_1.8
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Vafmusic2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\FLEXnet
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}
Key Found : HKCU\Software\Pokki
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\Vafmusic2
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3294791
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Found : HKLM\Software\hdcode
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\KeyBar_1.8
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21CCBA82-8D71-40F0-A003-E5657FFBEE94}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33F67ACD-DA08-40DD-9D1F-B492D5122D35}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F90F6DC-952B-4ECD-8E80-767DFF192A5E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2417B40-BB85-4244-BA17-DCD81740B65E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateSaltarSmart_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateSaltarSmart_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BackgroundContainer Startup Task
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Desk 365 RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\MySearchDial
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51A39C53-9A33-4888-88A5-6E94085612C8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51A39C53-9A33-4888-88A5-6E94085612C8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAD5A635-BAE5-4B0E-8098-8E0B584DF47B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4436EC1-C086-4815-9DCC-F32D482BE21C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4436EC1-C086-4815-9DCC-F32D482BE21C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KeyBar_1.8 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vafmusic2 Toolbar
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Vafmusic2
Key Found : HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\Update SaltarSmart
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtD0AtD0DyD0F0F0F0F0A0EyCzzyDyDtN0D0Tzu0CyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1537722089&ir=
-\\ Google Chrome v32.0.1700.76
[ File : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\JJAM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
Found : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [7596 octets] - [29/01/2014 01:44:35]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7656 octets] ##########
Eset scanner
C:\Program Files\KeyBar_1.8\ldrtbKeyB.dll a variant of Win32/Toolbar.Conduit.P application
C:\Program Files\KeyBar_1.8\tbKeyB.dll a variant of Win32/Toolbar.Conduit.B application
C:\Program Files\Mobogenie\nengine.dll Win32/NextLive.A application
C:\Program Files\Vafmusic2\ldrtbVafm.dll a variant of Win32/Toolbar.Conduit.P application
C:\Program Files\Vafmusic2\tbVafm.dll a variant of Win32/Toolbar.Conduit.B application
C:\Users\Jason\AppData\Local\genienext\nengine.dll Win32/NextLive.A application
C:\Users\Jason\AppData\LocalLow\KeyBar_1.8\ldrtbKeyB.dll a variant of Win32/Toolbar.Conduit.P application
C:\Users\Jason\AppData\LocalLow\KeyBar_1.8\tbKeyB.dll a variant of Win32/Toolbar.Conduit.B application
C:\Users\Jason\AppData\LocalLow\KeyBar_1.8\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A application
C:\Users\Jason\AppData\LocalLow\Vafmusic2\ldrtbVafm.dll a variant of Win32/Toolbar.Conduit.P application
C:\Users\Jason\AppData\LocalLow\Vafmusic2\tbVafm.dll a variant of Win32/Toolbar.Conduit.B application
C:\Users\Jason\AppData\LocalLow\Vafmusic2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A application
C:\Users\Jason\Downloads\AA_v3.exe a variant of Win32/RemoteAdmin.Ammyy.B application
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D application
D:\Windows\System32\autochk.exe a variant of Win32/CompuTrace.A application
Edited by jjam04, 29 January 2014 - 05:05 AM.